codedd-cli 0.1.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- codedd_cli/__init__.py +3 -0
- codedd_cli/__main__.py +19 -0
- codedd_cli/api/__init__.py +4 -0
- codedd_cli/api/client.py +118 -0
- codedd_cli/api/endpoints.py +44 -0
- codedd_cli/api/exceptions.py +25 -0
- codedd_cli/auditor/__init__.py +6 -0
- codedd_cli/auditor/architecture_analyzer.py +1241 -0
- codedd_cli/auditor/architecture_prompts.py +171 -0
- codedd_cli/auditor/complexity_analyzer.py +942 -0
- codedd_cli/auditor/dependency_scanner.py +2478 -0
- codedd_cli/auditor/file_auditor.py +572 -0
- codedd_cli/auditor/git_stats_collector.py +332 -0
- codedd_cli/auditor/response_parser.py +487 -0
- codedd_cli/auditor/vulnerability_validator.py +324 -0
- codedd_cli/auth/__init__.py +4 -0
- codedd_cli/auth/session.py +41 -0
- codedd_cli/auth/token_manager.py +87 -0
- codedd_cli/cli.py +69 -0
- codedd_cli/commands/__init__.py +1 -0
- codedd_cli/commands/audit_cmd.py +1877 -0
- codedd_cli/commands/audits_cmd.py +273 -0
- codedd_cli/commands/auth_cmd.py +230 -0
- codedd_cli/commands/config_cmd.py +454 -0
- codedd_cli/commands/scope_cmd.py +967 -0
- codedd_cli/config/__init__.py +4 -0
- codedd_cli/config/constants.py +22 -0
- codedd_cli/config/settings.py +369 -0
- codedd_cli/llm/__init__.py +1 -0
- codedd_cli/llm/key_manager.py +271 -0
- codedd_cli/models/__init__.py +5 -0
- codedd_cli/models/account.py +13 -0
- codedd_cli/models/audit.py +32 -0
- codedd_cli/models/local_directory.py +26 -0
- codedd_cli/scanner/__init__.py +18 -0
- codedd_cli/scanner/file_classifier.py +247 -0
- codedd_cli/scanner/file_walker.py +207 -0
- codedd_cli/scanner/line_counter.py +75 -0
- codedd_cli/utils/__init__.py +1 -0
- codedd_cli/utils/directory_validator.py +179 -0
- codedd_cli/utils/display.py +493 -0
- codedd_cli/utils/payload_inspector.py +180 -0
- codedd_cli/utils/security.py +14 -0
- codedd_cli/utils/validators.py +37 -0
- codedd_cli-0.1.0.dist-info/METADATA +276 -0
- codedd_cli-0.1.0.dist-info/RECORD +49 -0
- codedd_cli-0.1.0.dist-info/WHEEL +4 -0
- codedd_cli-0.1.0.dist-info/entry_points.txt +3 -0
- codedd_cli-0.1.0.dist-info/licenses/LICENSE +21 -0
|
@@ -0,0 +1,180 @@
|
|
|
1
|
+
"""
|
|
2
|
+
General-purpose payload inspection for the ``--show`` flag.
|
|
3
|
+
|
|
4
|
+
Any CLI command that sends data to CodeDD can use this module to:
|
|
5
|
+
1. Write the outgoing payload or request to a human-readable ``.txt`` file.
|
|
6
|
+
2. Open the file for the user to review.
|
|
7
|
+
3. Ask for explicit confirmation before sending.
|
|
8
|
+
|
|
9
|
+
This ensures full transparency: users always know **exactly** what
|
|
10
|
+
data leaves their machine.
|
|
11
|
+
|
|
12
|
+
Use :func:`review_payload` for POST bodies (e.g. scope registration).
|
|
13
|
+
Use :func:`review_request` for GET/POST request summaries (method, endpoint, params, body).
|
|
14
|
+
|
|
15
|
+
Usage example::
|
|
16
|
+
|
|
17
|
+
from codedd_cli.utils.payload_inspector import review_payload, review_request
|
|
18
|
+
|
|
19
|
+
# POST with JSON body
|
|
20
|
+
if not review_payload(payload, command_label="Scope Registration"):
|
|
21
|
+
raise typer.Exit()
|
|
22
|
+
|
|
23
|
+
# GET or request summary
|
|
24
|
+
if not review_request("GET", "/api/cli/scope/files/", params={"audit_uuid": u}):
|
|
25
|
+
raise typer.Exit()
|
|
26
|
+
"""
|
|
27
|
+
|
|
28
|
+
import json
|
|
29
|
+
import os
|
|
30
|
+
import platform
|
|
31
|
+
import subprocess
|
|
32
|
+
import tempfile
|
|
33
|
+
from datetime import datetime, timezone
|
|
34
|
+
from typing import Any, Optional
|
|
35
|
+
|
|
36
|
+
from rich.console import Console
|
|
37
|
+
from rich.prompt import Confirm
|
|
38
|
+
|
|
39
|
+
console = Console()
|
|
40
|
+
|
|
41
|
+
|
|
42
|
+
def write_payload_file(
|
|
43
|
+
payload: Any,
|
|
44
|
+
*,
|
|
45
|
+
command_label: str = "API Request",
|
|
46
|
+
context_note: str = "This file contains ONLY metadata. No source code content is included.",
|
|
47
|
+
) -> str:
|
|
48
|
+
"""
|
|
49
|
+
Serialise *payload* to a formatted ``.txt`` file in the system temp directory.
|
|
50
|
+
|
|
51
|
+
The file includes a human-readable header, the context note, and the
|
|
52
|
+
full JSON payload.
|
|
53
|
+
|
|
54
|
+
Args:
|
|
55
|
+
payload: Any JSON-serialisable object (dict, list, etc.).
|
|
56
|
+
command_label: Short label shown in the file header (e.g. ``"Scope Registration"``).
|
|
57
|
+
context_note: Explanatory text placed before the JSON body.
|
|
58
|
+
|
|
59
|
+
Returns:
|
|
60
|
+
Absolute path to the written file.
|
|
61
|
+
"""
|
|
62
|
+
timestamp = datetime.now(timezone.utc).strftime("%Y%m%d_%H%M%S")
|
|
63
|
+
safe_label = "".join(c if c.isalnum() or c in "-_" else "_" for c in command_label)
|
|
64
|
+
filename = f"codedd_{safe_label}_{timestamp}.txt"
|
|
65
|
+
filepath = os.path.join(tempfile.gettempdir(), filename)
|
|
66
|
+
|
|
67
|
+
with open(filepath, "w", encoding="utf-8") as fh:
|
|
68
|
+
fh.write("=" * 72 + "\n")
|
|
69
|
+
fh.write(f" CodeDD CLI — {command_label}\n")
|
|
70
|
+
fh.write(f" Generated: {datetime.now(timezone.utc).isoformat()}\n")
|
|
71
|
+
fh.write("=" * 72 + "\n\n")
|
|
72
|
+
if context_note:
|
|
73
|
+
fh.write(context_note + "\n\n")
|
|
74
|
+
fh.write("-" * 72 + "\n\n")
|
|
75
|
+
json.dump(payload, fh, indent=2, ensure_ascii=False, default=str)
|
|
76
|
+
fh.write("\n")
|
|
77
|
+
|
|
78
|
+
return filepath
|
|
79
|
+
|
|
80
|
+
|
|
81
|
+
def open_file(filepath: str) -> None:
|
|
82
|
+
"""
|
|
83
|
+
Attempt to open *filepath* with the operating system's default viewer.
|
|
84
|
+
|
|
85
|
+
Fails silently — the path is always printed separately so the user
|
|
86
|
+
can open it manually.
|
|
87
|
+
"""
|
|
88
|
+
try:
|
|
89
|
+
system = platform.system()
|
|
90
|
+
if system == "Windows":
|
|
91
|
+
os.startfile(filepath) # type: ignore[attr-defined]
|
|
92
|
+
elif system == "Darwin":
|
|
93
|
+
subprocess.run(["open", filepath], check=False)
|
|
94
|
+
else:
|
|
95
|
+
subprocess.run(["xdg-open", filepath], check=False)
|
|
96
|
+
except Exception:
|
|
97
|
+
pass
|
|
98
|
+
|
|
99
|
+
|
|
100
|
+
def review_payload(
|
|
101
|
+
payload: Any,
|
|
102
|
+
*,
|
|
103
|
+
command_label: str = "API Request",
|
|
104
|
+
context_note: str = "This file contains ONLY metadata. No source code content is included.",
|
|
105
|
+
confirm_prompt: str = "Proceed with sending this data to CodeDD?",
|
|
106
|
+
) -> bool:
|
|
107
|
+
"""
|
|
108
|
+
Write the payload to a file, open it, and ask the user for confirmation.
|
|
109
|
+
|
|
110
|
+
This is the **one-call** convenience function that combines
|
|
111
|
+
:func:`write_payload_file`, :func:`open_file`, and a ``Confirm`` prompt.
|
|
112
|
+
|
|
113
|
+
Args:
|
|
114
|
+
payload: JSON-serialisable data.
|
|
115
|
+
command_label: Label for the file header.
|
|
116
|
+
context_note: Transparency note shown in the file.
|
|
117
|
+
confirm_prompt: Question text for the confirmation prompt.
|
|
118
|
+
|
|
119
|
+
Returns:
|
|
120
|
+
``True`` if the user confirmed, ``False`` if they declined.
|
|
121
|
+
"""
|
|
122
|
+
filepath = write_payload_file(
|
|
123
|
+
payload,
|
|
124
|
+
command_label=command_label,
|
|
125
|
+
context_note=context_note,
|
|
126
|
+
)
|
|
127
|
+
|
|
128
|
+
console.print(f"\n[bold]Payload written to:[/bold] {filepath}\n")
|
|
129
|
+
console.print(
|
|
130
|
+
f"[dim]Review the file above. {context_note}[/dim]"
|
|
131
|
+
)
|
|
132
|
+
open_file(filepath)
|
|
133
|
+
console.print()
|
|
134
|
+
|
|
135
|
+
return Confirm.ask(confirm_prompt, default=True)
|
|
136
|
+
|
|
137
|
+
|
|
138
|
+
def review_request(
|
|
139
|
+
method: str,
|
|
140
|
+
path: str,
|
|
141
|
+
*,
|
|
142
|
+
params: Optional[dict[str, Any]] = None,
|
|
143
|
+
json_body: Optional[Any] = None,
|
|
144
|
+
command_label: str = "API Request",
|
|
145
|
+
context_note: str = "This file describes the request that will be sent to CodeDD.",
|
|
146
|
+
confirm_prompt: str = "Proceed with sending this request to CodeDD?",
|
|
147
|
+
) -> bool:
|
|
148
|
+
"""
|
|
149
|
+
Build a request summary (method, path, params, body) and run the review flow.
|
|
150
|
+
|
|
151
|
+
Use for GET requests (params only), POST with body, or any call where you
|
|
152
|
+
want a single transparency file showing exactly what will be sent.
|
|
153
|
+
|
|
154
|
+
Args:
|
|
155
|
+
method: HTTP method (e.g. "GET", "POST").
|
|
156
|
+
path: API path (e.g. "/api/cli/scope/files/").
|
|
157
|
+
params: Optional query parameters (for GET or POST).
|
|
158
|
+
json_body: Optional JSON body (for POST/PUT).
|
|
159
|
+
command_label: Label for the file header.
|
|
160
|
+
context_note: Transparency note in the file.
|
|
161
|
+
confirm_prompt: Confirmation question.
|
|
162
|
+
|
|
163
|
+
Returns:
|
|
164
|
+
True if the user confirmed, False if they declined.
|
|
165
|
+
"""
|
|
166
|
+
payload: dict[str, Any] = {
|
|
167
|
+
"method": method.upper(),
|
|
168
|
+
"endpoint": path,
|
|
169
|
+
}
|
|
170
|
+
if params:
|
|
171
|
+
payload["query_params"] = params
|
|
172
|
+
if json_body is not None:
|
|
173
|
+
payload["body"] = json_body
|
|
174
|
+
|
|
175
|
+
return review_payload(
|
|
176
|
+
payload,
|
|
177
|
+
command_label=command_label,
|
|
178
|
+
context_note=context_note,
|
|
179
|
+
confirm_prompt=confirm_prompt,
|
|
180
|
+
)
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
"""
|
|
2
|
+
Security utilities for the CLI.
|
|
3
|
+
"""
|
|
4
|
+
|
|
5
|
+
|
|
6
|
+
def mask_token(token: str) -> str:
|
|
7
|
+
"""
|
|
8
|
+
Return a masked representation of a CLI token suitable for display.
|
|
9
|
+
|
|
10
|
+
Example: ``codedd_cli_...xYz9``
|
|
11
|
+
"""
|
|
12
|
+
if not token or len(token) < 16:
|
|
13
|
+
return "***"
|
|
14
|
+
return f"codedd_cli_...{token[-4:]}"
|
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
"""
|
|
2
|
+
Input validation helpers for the CLI.
|
|
3
|
+
"""
|
|
4
|
+
|
|
5
|
+
import re
|
|
6
|
+
|
|
7
|
+
# Standard UUID v4 pattern
|
|
8
|
+
_UUID_RE = re.compile(
|
|
9
|
+
r"^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$",
|
|
10
|
+
re.IGNORECASE,
|
|
11
|
+
)
|
|
12
|
+
|
|
13
|
+
# CLI token format: codedd_cli_ followed by base64url characters (A-Za-z0-9_-)
|
|
14
|
+
# Base64url encoding can produce 64+ character strings after the prefix
|
|
15
|
+
_TOKEN_RE = re.compile(r"^codedd_cli_[A-Za-z0-9_\-]{32,}$")
|
|
16
|
+
|
|
17
|
+
|
|
18
|
+
def is_valid_uuid(value: str) -> bool:
|
|
19
|
+
"""Return True when *value* looks like a valid UUID v4."""
|
|
20
|
+
if not value:
|
|
21
|
+
return False
|
|
22
|
+
return bool(_UUID_RE.match(value.strip()))
|
|
23
|
+
|
|
24
|
+
|
|
25
|
+
def is_valid_cli_token(value: str) -> bool:
|
|
26
|
+
"""
|
|
27
|
+
Return True when *value* matches the expected CLI token format.
|
|
28
|
+
|
|
29
|
+
Tokens are base64url-encoded (48 bytes = ~64 chars after encoding),
|
|
30
|
+
so we require at least 32 characters after the prefix to ensure
|
|
31
|
+
sufficient entropy. Handles whitespace stripping automatically.
|
|
32
|
+
"""
|
|
33
|
+
if not value:
|
|
34
|
+
return False
|
|
35
|
+
# Strip whitespace (handles copy-paste issues)
|
|
36
|
+
cleaned = value.strip()
|
|
37
|
+
return bool(_TOKEN_RE.match(cleaned))
|
|
@@ -0,0 +1,276 @@
|
|
|
1
|
+
Metadata-Version: 2.4
|
|
2
|
+
Name: codedd-cli
|
|
3
|
+
Version: 0.1.0
|
|
4
|
+
Summary: CLI tool for CodeDD — run code audits from your terminal
|
|
5
|
+
License: MIT
|
|
6
|
+
License-File: LICENSE
|
|
7
|
+
Keywords: code-audit,security,cli,codedd
|
|
8
|
+
Author: CodeDD
|
|
9
|
+
Author-email: support@codedd.ai
|
|
10
|
+
Requires-Python: >=3.10,<4.0
|
|
11
|
+
Classifier: Development Status :: 3 - Alpha
|
|
12
|
+
Classifier: Environment :: Console
|
|
13
|
+
Classifier: Intended Audience :: Developers
|
|
14
|
+
Classifier: License :: OSI Approved :: MIT License
|
|
15
|
+
Classifier: Programming Language :: Python :: 3
|
|
16
|
+
Classifier: Programming Language :: Python :: 3.10
|
|
17
|
+
Classifier: Programming Language :: Python :: 3.11
|
|
18
|
+
Classifier: Programming Language :: Python :: 3.12
|
|
19
|
+
Classifier: Programming Language :: Python :: 3.13
|
|
20
|
+
Classifier: Programming Language :: Python :: 3.14
|
|
21
|
+
Classifier: Topic :: Security
|
|
22
|
+
Classifier: Topic :: Software Development :: Quality Assurance
|
|
23
|
+
Requires-Dist: httpx (>=0.27.0)
|
|
24
|
+
Requires-Dist: keyring (>=25.0.0)
|
|
25
|
+
Requires-Dist: lizard (>=1.17.0)
|
|
26
|
+
Requires-Dist: radon (>=6.0.0)
|
|
27
|
+
Requires-Dist: rich (>=13.0.0)
|
|
28
|
+
Requires-Dist: tomli (>=2.0.0) ; python_version < "3.11"
|
|
29
|
+
Requires-Dist: tomli-w (>=1.0.0)
|
|
30
|
+
Requires-Dist: typer[all] (>=0.9.0)
|
|
31
|
+
Project-URL: Homepage, https://codedd.ai
|
|
32
|
+
Project-URL: Repository, https://github.com/codedd/codedd-cli
|
|
33
|
+
Description-Content-Type: text/markdown
|
|
34
|
+
|
|
35
|
+
# CodeDD CLI
|
|
36
|
+
|
|
37
|
+
**Run code audits from your terminal.** The CodeDD CLI lets you define scope locally, run file-level and complexity analysis on your machine (using your own LLM API keys), and sync results to [CodeDD](https://codedd.ai) for consolidation, recommendations, and dashboards.
|
|
38
|
+
|
|
39
|
+
---
|
|
40
|
+
|
|
41
|
+
## What is CodeDD CLI?
|
|
42
|
+
|
|
43
|
+
CodeDD CLI is the official command-line interface for the CodeDD platform. You:
|
|
44
|
+
|
|
45
|
+
- **Define scope** — Add one or more local Git repository roots to an audit.
|
|
46
|
+
- **Run analysis locally** — File audits (LLM-based) and complexity metrics run on your machine; only metadata and results are sent to CodeDD.
|
|
47
|
+
- **Sync to CodeDD** — Scope metadata, audit results, complexity data, dependencies, and architecture are submitted to CodeDD, where consolidation, dependency enrichment, security scoring, and recommendations run on the server.
|
|
48
|
+
|
|
49
|
+
Ideal for teams who want to keep source code local while still using CodeDD’s analytics, recommendations, and reporting.
|
|
50
|
+
|
|
51
|
+
---
|
|
52
|
+
|
|
53
|
+
## Features
|
|
54
|
+
|
|
55
|
+
- **Scope management** — Add/remove local directories, sync with CodeDD, detect changes and re-confirm scope (delta updates).
|
|
56
|
+
- **Local file auditing** — LLM-based file analysis using your Anthropic or OpenAI API keys; supports batching and progress feedback.
|
|
57
|
+
- **Complexity analysis** — Cyclomatic complexity and Halstead metrics (Radon/Lizard) run locally and are submitted to CodeDD.
|
|
58
|
+
- **Dependency scanning** — Local lockfile/manifest and import parsing; dependency data is sent to CodeDD for vulnerability and license analysis.
|
|
59
|
+
- **Architecture analysis** — Local component/relationship extraction with optional LLM enhancement; Phase 3 synthesis and storage on CodeDD.
|
|
60
|
+
- **Payment and budget** — Pre-flight checks, LoC budget deduction, or Stripe checkout when additional payment is required.
|
|
61
|
+
- **Secure auth** — CLI tokens stored in the OS credential store (Windows Credential Locker, macOS Keychain, Linux Secret Service).
|
|
62
|
+
|
|
63
|
+
---
|
|
64
|
+
|
|
65
|
+
## Installation
|
|
66
|
+
|
|
67
|
+
### Requirements
|
|
68
|
+
|
|
69
|
+
- **Python 3.10+**
|
|
70
|
+
- A [CodeDD](https://codedd.ai) account and a CLI token (Account → CLI Access → Generate Token)
|
|
71
|
+
|
|
72
|
+
### From source (development)
|
|
73
|
+
|
|
74
|
+
```bash
|
|
75
|
+
git clone https://github.com/codedd/codedd-cli.git
|
|
76
|
+
cd codedd-cli
|
|
77
|
+
pip install -e .
|
|
78
|
+
```
|
|
79
|
+
|
|
80
|
+
### From PyPI (when available)
|
|
81
|
+
|
|
82
|
+
```bash
|
|
83
|
+
pip install codedd-cli
|
|
84
|
+
```
|
|
85
|
+
|
|
86
|
+
Verify:
|
|
87
|
+
|
|
88
|
+
```bash
|
|
89
|
+
codedd --version
|
|
90
|
+
```
|
|
91
|
+
|
|
92
|
+
---
|
|
93
|
+
|
|
94
|
+
## Quick start
|
|
95
|
+
|
|
96
|
+
### 1. Authenticate
|
|
97
|
+
|
|
98
|
+
Generate a CLI token at [codedd.ai](https://codedd.ai) (Account → CLI Access), then:
|
|
99
|
+
|
|
100
|
+
```bash
|
|
101
|
+
codedd auth login --token <your_token>
|
|
102
|
+
```
|
|
103
|
+
|
|
104
|
+
Or run `codedd auth login` and paste the token when prompted.
|
|
105
|
+
|
|
106
|
+
### 2. Select an audit
|
|
107
|
+
|
|
108
|
+
```bash
|
|
109
|
+
codedd audits list
|
|
110
|
+
codedd audits select
|
|
111
|
+
```
|
|
112
|
+
|
|
113
|
+
Choose a **group audit** (multiple repos) or a **single audit** (one repo). The selected audit becomes the active context for scope and audit commands.
|
|
114
|
+
|
|
115
|
+
### 3. Define scope
|
|
116
|
+
|
|
117
|
+
Add the local paths that correspond to the audit’s repositories (each must be a Git repo root):
|
|
118
|
+
|
|
119
|
+
```bash
|
|
120
|
+
codedd scope add /path/to/my-repo
|
|
121
|
+
codedd scope list
|
|
122
|
+
codedd scope confirm
|
|
123
|
+
```
|
|
124
|
+
|
|
125
|
+
`scope confirm` scans the directories, shows a preview (files, LoC), and registers scope with CodeDD. If you change files later, run `codedd audit start` — it will offer to re-sync scope (delta update) before starting.
|
|
126
|
+
|
|
127
|
+
### 4. Run an audit
|
|
128
|
+
|
|
129
|
+
Configure at least one LLM API key (used for file-level auditing):
|
|
130
|
+
|
|
131
|
+
```bash
|
|
132
|
+
codedd config set-key anthropic
|
|
133
|
+
# or: codedd config set-key openai
|
|
134
|
+
```
|
|
135
|
+
|
|
136
|
+
Then start the audit:
|
|
137
|
+
|
|
138
|
+
```bash
|
|
139
|
+
codedd audit start
|
|
140
|
+
```
|
|
141
|
+
|
|
142
|
+
The CLI will:
|
|
143
|
+
|
|
144
|
+
- Sync scope with CodeDD (and prompt to re-confirm if local files changed).
|
|
145
|
+
- Run pre-flight checks (payment, LoC budget).
|
|
146
|
+
- Optionally open payment in the browser or deduct from budget.
|
|
147
|
+
- Fetch the audit plan, run file auditing and complexity analysis locally, submit results, submit dependencies, submit architecture, and trigger server-side post-processing (consolidation, recommendations, completion email).
|
|
148
|
+
|
|
149
|
+
Results and recommendations are available in the CodeDD dashboard; you can also run `codedd audits list` to see status.
|
|
150
|
+
|
|
151
|
+
---
|
|
152
|
+
|
|
153
|
+
## Workflow overview
|
|
154
|
+
|
|
155
|
+
High-level flow:
|
|
156
|
+
|
|
157
|
+
```
|
|
158
|
+
┌─────────────────────────────────────────────────────────────────────────────┐
|
|
159
|
+
│ LOCAL │
|
|
160
|
+
│ 1. codedd audits select → Pick audit (group or single) │
|
|
161
|
+
│ 2. codedd scope add <path> → Add repo root(s) │
|
|
162
|
+
│ 3. codedd scope confirm → Scan & register scope with CodeDD │
|
|
163
|
+
│ 4. codedd audit start → Sync (if needed) → Pre-flight → Pay/budget │
|
|
164
|
+
│ └─ File audit (LLM) → Local │
|
|
165
|
+
│ └─ Complexity → Local │
|
|
166
|
+
│ └─ Submit results → CodeDD │
|
|
167
|
+
│ └─ Dependencies → Local scan → Submit → CodeDD │
|
|
168
|
+
│ └─ Architecture → Local phases → Submit → CodeDD │
|
|
169
|
+
│ └─ Complete → CodeDD runs consolidation & recommendations │
|
|
170
|
+
└─────────────────────────────────────────────────────────────────────────────┘
|
|
171
|
+
```
|
|
172
|
+
|
|
173
|
+
| Step | Where it runs | What happens |
|
|
174
|
+
|-------------------|---------------|--------------|
|
|
175
|
+
| Scope add/confirm | Local | Scan dirs, count files/LoC; register or delta-update scope on CodeDD. |
|
|
176
|
+
| Pre-flight | CodeDD | Check payment, budget, status. |
|
|
177
|
+
| File audit | Local | LLM (Anthropic/OpenAI) analyses each file; results sent to CodeDD. |
|
|
178
|
+
| Complexity | Local | Radon/Lizard; metrics sent to CodeDD. |
|
|
179
|
+
| Dependencies | Local + CodeDD| Lockfiles/imports sent; CodeDD does metadata, vulns, licenses. |
|
|
180
|
+
| Architecture | Local + CodeDD| Components/relations sent; CodeDD does Phase 3 and storage. |
|
|
181
|
+
| Recommendations | CodeDD | Consolidation, technical debt, security, licenses, etc. |
|
|
182
|
+
|
|
183
|
+
---
|
|
184
|
+
|
|
185
|
+
## Commands reference
|
|
186
|
+
|
|
187
|
+
### Authentication
|
|
188
|
+
|
|
189
|
+
| Command | Description |
|
|
190
|
+
|--------|-------------|
|
|
191
|
+
| `codedd auth login` | Log in with a CLI token (prompt or `--token`) |
|
|
192
|
+
| `codedd auth logout` | Clear stored credentials |
|
|
193
|
+
| `codedd auth status` | Show current account and token state |
|
|
194
|
+
|
|
195
|
+
### Audits
|
|
196
|
+
|
|
197
|
+
| Command | Description |
|
|
198
|
+
|--------|-------------|
|
|
199
|
+
| `codedd audits list` | List audits (`--type single\|group`, `--limit`, `--page`) |
|
|
200
|
+
| `codedd audits select [uuid]` | Set active audit (interactive if UUID omitted) |
|
|
201
|
+
|
|
202
|
+
### Scope
|
|
203
|
+
|
|
204
|
+
| Command | Description |
|
|
205
|
+
|--------|-------------|
|
|
206
|
+
| `codedd scope add <path> [path ...]` | Add Git repository root(s) to the active audit’s scope |
|
|
207
|
+
| `codedd scope remove <n>` | Remove directory by list number |
|
|
208
|
+
| `codedd scope list` | List directories in scope |
|
|
209
|
+
| `codedd scope clear` | Remove all directories from scope |
|
|
210
|
+
| `codedd scope status` | Show scope and sync state per directory |
|
|
211
|
+
| `codedd scope confirm` | Scan, preview, and register scope with CodeDD |
|
|
212
|
+
| `codedd scope sync` | Compare local vs CodeDD and show changes |
|
|
213
|
+
|
|
214
|
+
### Audit execution
|
|
215
|
+
|
|
216
|
+
| Command | Description |
|
|
217
|
+
|--------|-------------|
|
|
218
|
+
| `codedd audit start` | Sync scope (if needed), pre-flight, pay/budget, then run full local audit and submit to CodeDD. Use `--skip-sync` to skip scope sync; `--yes` to auto-confirm; `--debug-llm` for LLM debug output. |
|
|
219
|
+
|
|
220
|
+
### Configuration
|
|
221
|
+
|
|
222
|
+
| Command | Description |
|
|
223
|
+
|--------|-------------|
|
|
224
|
+
| `codedd config show` | Show current config (API URL, active audit, scope, etc.) |
|
|
225
|
+
| `codedd config set <key> <value>` | Set a config value |
|
|
226
|
+
| `codedd config set-key [anthropic\|openai]` | Store an LLM API key in the OS keychain |
|
|
227
|
+
| `codedd config show-keys` | List which providers have keys configured (not the keys themselves) |
|
|
228
|
+
| `codedd config provider [anthropic\|openai\|both]` | Set preferred LLM provider |
|
|
229
|
+
| `codedd config concurrency <n>` | Set max concurrent LLM requests (default 6) |
|
|
230
|
+
|
|
231
|
+
---
|
|
232
|
+
|
|
233
|
+
## Configuration
|
|
234
|
+
|
|
235
|
+
- **Config file:** `~/.codedd/config.toml` (TOML). Stores API URL, active audit, scope directories, LLM provider, concurrency. Permissions are restricted to the owner (Unix).
|
|
236
|
+
- **Secrets:** The CLI token and LLM API keys are stored in the system keychain (Windows Credential Locker, macOS Keychain, Linux Secret Service), not in the config file.
|
|
237
|
+
|
|
238
|
+
### Environment variables
|
|
239
|
+
|
|
240
|
+
| Variable | Purpose |
|
|
241
|
+
|---------|---------|
|
|
242
|
+
| `CODEDD_API_TOKEN` | Override the stored CLI token (e.g. for CI) |
|
|
243
|
+
| `CODEDD_API_URL` | Override API base URL (default from config) |
|
|
244
|
+
|
|
245
|
+
---
|
|
246
|
+
|
|
247
|
+
## Security
|
|
248
|
+
|
|
249
|
+
- CLI tokens and LLM keys are stored in the OS credential store, not in plaintext on disk.
|
|
250
|
+
- TLS certificate verification is always enabled for API requests.
|
|
251
|
+
- Config file and `~/.codedd` directory use owner-only permissions where supported.
|
|
252
|
+
- Tokens expire after 90 days (server-configurable); re-generate from the CodeDD dashboard when needed.
|
|
253
|
+
|
|
254
|
+
---
|
|
255
|
+
|
|
256
|
+
## Development
|
|
257
|
+
|
|
258
|
+
```bash
|
|
259
|
+
pip install -e ".[dev]"
|
|
260
|
+
pytest
|
|
261
|
+
ruff check .
|
|
262
|
+
```
|
|
263
|
+
|
|
264
|
+
---
|
|
265
|
+
|
|
266
|
+
## License
|
|
267
|
+
|
|
268
|
+
MIT License — see [LICENSE](LICENSE).
|
|
269
|
+
|
|
270
|
+
---
|
|
271
|
+
|
|
272
|
+
## Support
|
|
273
|
+
|
|
274
|
+
- **Issues:** [GitHub Issues](https://github.com/codedd/codedd-cli/issues)
|
|
275
|
+
- **Product:** [CodeDD](https://codedd.ai)
|
|
276
|
+
|
|
@@ -0,0 +1,49 @@
|
|
|
1
|
+
codedd_cli/__init__.py,sha256=Nh54GxN4b3maIIGKwfy7-RIYZ8uRG1YLJ6RaxR76cJE,80
|
|
2
|
+
codedd_cli/__main__.py,sha256=BWSn1viJie1Zifia46IxQOb4bk2ARR5KyRlWQcG6PbQ,375
|
|
3
|
+
codedd_cli/api/__init__.py,sha256=7J_sCMfEON4n4fpwMtlSPf1fCH7Pct2LpwFqeXp8-iY,135
|
|
4
|
+
codedd_cli/api/client.py,sha256=oU1fBE7jmzNbIrPWL_1hhjCdlI3huE2ElffBbmw5NYQ,3703
|
|
5
|
+
codedd_cli/api/endpoints.py,sha256=ekTZ5uk_3wSc81tcwMLbHVyosK0EKpy1OgCE4jVYzvo,1422
|
|
6
|
+
codedd_cli/api/exceptions.py,sha256=MBtkC_Dtslvzp7kIITH0PBnj1q5h0v70oo4xPgrsvcg,845
|
|
7
|
+
codedd_cli/auditor/__init__.py,sha256=MV74TU9Vr913qkgNG_LNGg9OKgsZclP4f4JQQKoKPco,175
|
|
8
|
+
codedd_cli/auditor/architecture_analyzer.py,sha256=GwLs0stxs5I2_P7ge_viIW-zVWaWtXCghZSWshzu4KI,51795
|
|
9
|
+
codedd_cli/auditor/architecture_prompts.py,sha256=X8Z2CuCNlI0RJkh_vWvAlNopxXwdkUAbAvD04vSGtrk,6606
|
|
10
|
+
codedd_cli/auditor/complexity_analyzer.py,sha256=3rsoggecKWoAD7ZLGk916aGJJmSkNgAY20rmczyu4iY,35396
|
|
11
|
+
codedd_cli/auditor/dependency_scanner.py,sha256=f44MDS-Cn0zi4I5GzPAvE2sX-OAy5VZIRbUeOppGLQ8,100282
|
|
12
|
+
codedd_cli/auditor/file_auditor.py,sha256=RCdyLuRABkYv5VV6CZwCaizjTtF2NtngP9veexji2uE,22188
|
|
13
|
+
codedd_cli/auditor/git_stats_collector.py,sha256=i71Ult19ULh9gj8cX_WiUAwKjeg4liwIYQfLq4dE2vg,12296
|
|
14
|
+
codedd_cli/auditor/response_parser.py,sha256=VP80K6MWROsEkT0TdikLnGPXoAdYzlH4D4E8PyFBytM,18367
|
|
15
|
+
codedd_cli/auditor/vulnerability_validator.py,sha256=6pYdnybunBpvSBBrTwHoO_M1POHzLy6aktPhAuPHAOU,11103
|
|
16
|
+
codedd_cli/auth/__init__.py,sha256=ZdbH4hx8O8gpltE1JsR6fVVW4xnJwH41g1ZnD21Lljg,148
|
|
17
|
+
codedd_cli/auth/session.py,sha256=J9ewkrI4iDZdpTj5P-Xn5BrnTlReF2hdUks7uSwneoE,1101
|
|
18
|
+
codedd_cli/auth/token_manager.py,sha256=uDPpcvXZv2WIEQrKEOorHjC62ANy7xWvCTBIM2Vd4Zo,2421
|
|
19
|
+
codedd_cli/cli.py,sha256=2AWLjPqjBwj8l4exNCPH5d8Lq6iNnu3xiEtK2BlotUA,2100
|
|
20
|
+
codedd_cli/commands/__init__.py,sha256=frcCV1k9oG9oKj3dpUqdJg1PxRT2RSN_XKdLCPjaYaY,2
|
|
21
|
+
codedd_cli/commands/audit_cmd.py,sha256=9OhPmzF7LGm_ChDhmsd75Bb3QGglgEkL19TwhvzMdDE,72119
|
|
22
|
+
codedd_cli/commands/audits_cmd.py,sha256=cvRa4YNNQdJSX-QkM33UYM_DKinmgSzDswytXyCXeUI,8936
|
|
23
|
+
codedd_cli/commands/auth_cmd.py,sha256=MWjqpYb7lC4Li_7Vc6vvGTkLrNMNrUdwM2AqwAH3Cdc,8206
|
|
24
|
+
codedd_cli/commands/config_cmd.py,sha256=m29gUwqYTDjjyvjeKCj8Tlx4okJ0BT8BBb8iKW0hThU,15798
|
|
25
|
+
codedd_cli/commands/scope_cmd.py,sha256=VcSP3AX9Z3aa_Gc2dIf7FuBRbVHGN4ANVsZgrdUl2xw,35439
|
|
26
|
+
codedd_cli/config/__init__.py,sha256=XXTW8dmd649U8QQf20bcDhBS2bzb0PPU4nl8LpWF7pI,215
|
|
27
|
+
codedd_cli/config/constants.py,sha256=IvN5ZwzS-sCO77VKBXfTNziS6Nq0m5VE6g-_xzsvgP4,544
|
|
28
|
+
codedd_cli/config/settings.py,sha256=oNIIWoWgFz195vD-JEVuzYeAccH78DMvH3ZWwoOWHds,13446
|
|
29
|
+
codedd_cli/llm/__init__.py,sha256=8awhyNZ6w4ORd12OHBSUBl9JhbiswCq-FeJymnZOH84,49
|
|
30
|
+
codedd_cli/llm/key_manager.py,sha256=NYeKbXDJTElwyAyNlA3LBujubXjSYCOn0nccAnh2w8A,9356
|
|
31
|
+
codedd_cli/models/__init__.py,sha256=ARq8JYf8ucNR67lRV_y2fk2zXFOrjspiN3ujccnigrg,233
|
|
32
|
+
codedd_cli/models/account.py,sha256=GupiUt-T9dxFVUAhL-6OjmICAEnobjugNwqwOxyg-ms,348
|
|
33
|
+
codedd_cli/models/audit.py,sha256=yjhcAlcb9Oygm299bGQnlh9bh_KPP-bzhK3L_tfsQeE,730
|
|
34
|
+
codedd_cli/models/local_directory.py,sha256=NohE8EqdVXlHaq0V2RGtrblt0Ez86d54hvuxSlwWZyQ,769
|
|
35
|
+
codedd_cli/scanner/__init__.py,sha256=RXTXP2b7ViWf5mgP-N2QQ4kayC1iACvH6saZJ8nlmSo,599
|
|
36
|
+
codedd_cli/scanner/file_classifier.py,sha256=CZ90hla_VOEPtcb6KehZdPC-FLcXnDemm8b9lukrYRQ,10388
|
|
37
|
+
codedd_cli/scanner/file_walker.py,sha256=SSnEcHV4KoPYVyMEixUri_NgJHIi_pi8Li2N-nBuYfo,7117
|
|
38
|
+
codedd_cli/scanner/line_counter.py,sha256=6d5nsY7JdiCbOJhS0Gyu0Cz2DVhgls9aTx2mKRL5Lxs,2047
|
|
39
|
+
codedd_cli/utils/__init__.py,sha256=frcCV1k9oG9oKj3dpUqdJg1PxRT2RSN_XKdLCPjaYaY,2
|
|
40
|
+
codedd_cli/utils/directory_validator.py,sha256=47X6czzjOF-TP950X6hzvm5hm9bfKWDLWixzmoGbgVA,6124
|
|
41
|
+
codedd_cli/utils/display.py,sha256=q1kMX1_CR3GOjM6EiillNRG8cmGwJwQnBPzfCcYvims,18423
|
|
42
|
+
codedd_cli/utils/payload_inspector.py,sha256=BGUoGBnOFO4mYYjibi5mqX8vp-0NG-iv4Jbm0NLHAPI,5846
|
|
43
|
+
codedd_cli/utils/security.py,sha256=i5hwU8tbEDZG3cpfRRxsIYLnkeZUhNaAuiMNEsztBts,301
|
|
44
|
+
codedd_cli/utils/validators.py,sha256=H10xwg1sMgF26TeVFi_eD9D3d82KLWxxpTuvhbc7CM8,1105
|
|
45
|
+
codedd_cli-0.1.0.dist-info/entry_points.txt,sha256=VVvyUcb_fHHFpxPg6BGvYA3S1KC-VLX8HyaJJel9VOI,51
|
|
46
|
+
codedd_cli-0.1.0.dist-info/licenses/LICENSE,sha256=1aejRb4am68aKd1IL3kCBN6krYpP4sEYYpu1u5ysPEw,1071
|
|
47
|
+
codedd_cli-0.1.0.dist-info/METADATA,sha256=RUNBpmsYvt-TlrM3CAXvY-eDKFmtdhZb9hzW-CxxsBQ,10723
|
|
48
|
+
codedd_cli-0.1.0.dist-info/WHEEL,sha256=kJCRJT_g0adfAJzTx2GUMmS80rTJIVHRCfG0DQgLq3o,88
|
|
49
|
+
codedd_cli-0.1.0.dist-info/RECORD,,
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
MIT License
|
|
2
|
+
|
|
3
|
+
Copyright (c) 2026 CodeDD Limited
|
|
4
|
+
|
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
6
|
+
of this software and associated documentation files (the "Software"), to deal
|
|
7
|
+
in the Software without restriction, including without limitation the rights
|
|
8
|
+
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
9
|
+
copies of the Software, and to permit persons to whom the Software is
|
|
10
|
+
furnished to do so, subject to the following conditions:
|
|
11
|
+
|
|
12
|
+
The above copyright notice and this permission notice shall be included in all
|
|
13
|
+
copies or substantial portions of the Software.
|
|
14
|
+
|
|
15
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
16
|
+
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
17
|
+
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
18
|
+
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
19
|
+
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
20
|
+
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
|
21
|
+
SOFTWARE.
|